This week we will talk about cybernetics, the study of control and communication processes in living beings, machines, and economic and sociological systems. In recent years, a lot of cybersecurity research has focused on formalizing and gathering the right semantics and ontologies to better characterize the cyber threat world. The good news is that the research paper we are presenting here is highly encouraging: its objective is to use a formalized language created by the researchers to automatically trace attack campaigns through patterns.
Detecting patterns in attackers' modus operandi is a crucial aspect of studying APTs. However, prior research has been hindered by the absence of precise, relevant, and comprehensive datasets that represent current threats. Indeed, obtaining the right data is complex due to concerns over companies' reputation, privacy, and security. This article offers an alternative solution to these challenges in data collection. It introduces a formal model of an attacker's tactical progression during their network propagation phase. This model outlines the attacker's state, propagation area, knowledge of the environment, and collected information. This formalization enables an unambiguous description of the PWNJUTSU experiment.
The second contribution of this article is the public release of the PWNJUTSU dataset, a great help for cybersecurity researchers, who always lack good data to base their work on!